Beruflich Dokumente
Kultur Dokumente
OSPF
show ip ospf neigh
show ip ospf database
show ip route
router ospf process id
network ip netmask area id
sh run int
ip ospf hello-interval 5
ip ospf mtu-ignore
passive-interface IP
router-id 1.1.1.1
Switch
show running-conf
show startup config
show version
show flash
show mac-address-table
show interface status
line vty password 0 4
password
login
line con 0
VLAN
vlan 10
name {name}
exit
interface f0/0
switchport mode access
switchport access vlan 10
sh vlan
interface range f0/1-4
switchport mode trunk
switchport trunk encapsulation dot1q
show interface trunk
interface f 0/1.10
encapsulation dot1q 10
multilayer switch
int vlan 10
ip address x.x.xx.x
no shut
ip routing
SPANNING TREE
show spanning tree
show spanning tree vlan id priority no.
show spanning tree root
spanning-tree mode rapid pvst
spanning-tree portfast
spanning tree vlan id priority no.
Ethernet channel
interface range f0/1-4
chanel group 12 mode
show ether channel summery
int port-channel 12
switchport mode trunk
switchport trunk encapsulation dot1q
Portfast
int range f0/1-3
spanning tree portfast
or for all access port below command
spanning tree portfast default
ACL
access-list 15 deny 192.168.0.1 0.0.0.0
access-list 15 deny host 192.168.0.2
access-list 15 permit any
go to interface of router
ip access-group 15 out
Named acl
ip access-list standard name
deny/permit statement
extended acl
access-list 125 deny tcp source ip mask destination eq port
NAT
ip nat inside source static private IP Public IP
int f0/0
ip nat inside
int s0/0
ip nat outside
sh ip nat translations
Dynamic
access-list 55 permit private IP wide card nask
IP nat pool ccna 50.0.0.1 50.0.0.200 netmask 255.255.255.0
ip nat inside source list 55 pool ccna
int f0/0
ip nat inside
int s0/0
ip nat outside
pat
only add overload in dynamic after ip nat inside source list 55 pool ccna
ip nat inside source int s0/0 overload
IPV^
RIPng
use same process id
ipv6 unicast routing
ipv6 router rip CCNA
config-if#ipv6 rip CCNA enable
sh ipv6 protocol
sh ipv6 route
OSPF3
ipv6 unicast routing
ipv6 router ospf 1
router id ipv4 address
go to interface
config-int#ipv6 ospf 1 area 10
IPV6 Eigrp
ipv6 router eigrp 100
no shutdown
router-id ipv4 address
go to interface
config-int#ipv6 eigrp 100
GRE
int tunnel 12
ip address 10.0.12.1 255.255.255.0
tunnel source 50.0.0.1 or router interface
tunnel destination 50.0.0.2 or remote router int
do it on both sides
CDP
sh cdp neigh
sh cdp neigh detail
sh cdp int
no cdp enable
LLDP
lldp run
on interface
int f0/0
lldp transmit
lldp receive
sh lldp neigh
speed auto
duplex auto
MDIX AUTO
VLAN connectivity
sh int status
PPP
int s0/0
encapsulation ppp
ppp authentication chap
username hostname password cisco (hostname should be of remote and password same
Static
IP route dest IP subnet next hope do the same for next router
AAA
aaa new-model
aaa authentication login default group tacas+local
line con 0
login authentication default
username 1 password 2
tacas-server host 192.168.0.1
tacas server key 1234
Port Security
switchport port-security
switchport port-security value
switchport port-security voilation protect]restict[shutdown
switchport port-security mac-address [MAC}
switchport port-security mac-address stickey
sh port-security
switchport mode dynamic auto
ip dhcp snooping
ip dhcp snooping vlan numb
int f0/0
ip dhcp snooping trust
confreg 0 2142
reset
0/r 0 2142
i
copy startup config startup config
config-register 0 2142
sh logging
clear logging
logging buffered 16354 in RAM
terminal monitor for telnet
logging host 10.1.1.2
ntp master 2
ntp server 10.0.0.0
sh ntp status
sh ntp associations
ntp athentication key1 mod5 cisco these four commands on client side
ntp athenticate
ntp trusted key1
ntp server 10.0.0.0 key1
SPAN
monitor session 1 source int f0/0
monitor session 1 destination int f0/0
DHCP
ip dhcp pool CCNA
dns-server IP
default-router
network IP subnet
ip dhcp excluded-address IP
1300823393
ACL Lab
qccess-list 100 permit tcp host 192.168.1.17 host 146 eq 80
access-list 100 deny IP any host fin server
access-list 100 permit ip host public server any
int f0/0
access-group 100 out
NAT2
access-list 10 permit 192.168.100.16 0.0.0.15
ip nat pool mynatpool 198.18.184.105 198.18.185.110 netmask 255.255.255.248
ip nat inside source list 10 pool mynatpool overload
RIP
router rip
version 2
network 192.168.1.0
SW1(config)#aaa new-model
SW1(config)#radius-server host 192.168.1.2 auth-port 1812 acct-port 1813 key CCNA
SW1(config)#aaa authentication dot1x default group radius
SW1(config)#dot1x system-auth-control
SW1(config)#interface gig0/2
SW1(config-if)#switchport mode access
SW1(config-if)#dot1x port-control auto
Ether channel
SW1(config)#interface range fa0/1-2
SW1(config-if-range)#channel-group 1 mode active
SW1(config)#interface range fa0/1-2
SW1(config-if-range)#channel-group 1 mode passive
SW1(config)#interface range fa0/1-2
SW1(config-if-range)#channel-group 1 mode desireable
show etherchannel summery
line vty 0 4
transport input ssh to disable telnet
IPV6
ipv6 unicast routing
ipv6 add IP/64
ipv6 address autoconfig
VTP
vtp domain Cisco
vtp mode client
vtp password Cisco